Long-Term Memory (Honcho)
ReviewAudited by ClawScan on May 10, 2026.
Overview
This is a transparently disclosed long-term memory setup skill, but it installs an external plugin that can upload memory files and continue sending conversation data to Honcho after setup.
Before installing, make sure you are comfortable sending the listed memory and workspace files, plus future conversation data, to api.honcho.dev or your configured self-hosted Honcho URL. Review the files before confirming migration, protect your Honcho API key, and disable the plugin when you no longer want persistent memory.
Findings (4)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
Installing the plugin gives code outside this skill package the ability to run inside OpenClaw and implement the memory behavior.
The skill installs an external plugin package whose code is not included in the provided artifacts; this is expected for a setup skill, but users are relying on the external package source.
openclaw plugins install @honcho-ai/openclaw-honcho
Install only if you trust the Honcho plugin package and its publisher; consider reviewing the linked source or pinning/verifying the package where possible.
Your Honcho account credential may be stored in OpenClaw configuration and used by the plugin to access the Honcho service.
The setup uses a Honcho API key and stores configuration locally, which is expected for the managed Honcho service and is disclosed.
Prompt interactively for your Honcho API key ... Write configuration to `~/.openclaw/openclaw.json`
Use an appropriately scoped Honcho API key if available, protect `~/.openclaw/openclaw.json`, and remove or rotate the key if you stop using the plugin.
Private user profile, memory, workspace, and agent-configuration content may be sent to Honcho and reused for future memory retrieval.
The skill discloses migration of workspace memory and agent-configuration files to an external memory API; this is purpose-aligned but involves sensitive persistent context.
uploads ... USER.md, MEMORY.md, IDENTITY.md, memory/, canvas/, SOUL.md, AGENTS.md, BOOTSTRAP.md, TOOLS.md to api.honcho.dev
Review the listed files before confirming migration, avoid uploading secrets or sensitive notes, and use a self-hosted `HONCHO_BASE_URL` if you need local control.
Conversation content may continue being sent to the configured Honcho service and later influence agent responses.
The plugin creates ongoing persistent memory from conversations, which is central to long-term memory but means future tasks may rely on stored context.
Once enabled, the plugin will persistently observe conversations in this workspace and send conversation data to `api.honcho.dev` ... across sessions.
Enable only in workspaces where this ongoing memory behavior is acceptable, and disable it with `openclaw plugins disable openclaw-honcho` when no longer needed.